Password Preferences - Default Password

The Default Password tab within Password Preferences enables administrators to set a portal-wide default password, change the default password, and manage default password rules such as lifespan and expiration date. Furthermore, default passwords must comply with the password complexity rules defined on the General tab in Password Preferences.

Note: This functionality is only available to organizations that have enabled default password functionality. In addition, this functionality is being rolled out in production environments in phases. See the Rollout Schedule by Swimlane section for additional details.

To manage Password Preferences, go to Admin > Tools > Core Functions > Core Preferences > Passwords.

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
Password Preferences - Manage Grants ability to manage Password Preferences, which includes specifying the settings for users to change their own password, or for the system to generate an anonymous password, set the specific password requirements and allowing users to reset password by answering security questions. This permission can be constrained by OU and User's OU. This is an administrator permission. Core Administration

Default Password Management Tab

The Default Password Management tab enables organizations to view and set the default password and the lifespan of that password.

The Default Password Management tab displays the following information about the current default password:

  • Default Password - This displays the current default password.
  • Lifespan - This displays how long the default password is valid before a new default password must be set.
  • Expiration Date - This displays the date on which the default password will expire based on the specified lifespan. If enabled, the Default Password Email Reminder Template can be used as a reminder when the default password is approaching its expiration date.

Change Default Password

Select the Change Default Password button to change the default password and set the lifespan for that password.

Enter the following information:

  • Password - Enter the new default password.
  • Confirm Password - Enter the new default password a second time to confirm it is entered correctly.
  • Lifespan - Enter how long the default password is valid before a new default password must be set.
  • Reason for Change - Specify why you are changing the default password.

Export to Excel

Select the Export to Excel button to export the list of users who are impacted by the default password change. This includes the user's first name, last name, user ID, and email address. This information can then be used to notify the respective users of the password change.

Rollout Schedule by Swimlane

Swimlane Date Default Lifespan Setting
All stage swimlanes April 20 (Start of UAT) 90 Days
All pilot swimlanes May 13 (May '22 Release) 90 Days

CDG SL1

CDG SL4

FRA SL1

FRA SL4

LAX SL1

LHR SL1

 May 13 (May '22 Release) 90 Days

AU swimlanes

JP swimlanes

LAX SL2

LAX SL5

LHR SL2

 May 27 Patch 180 Days

All swimlanes. This includes:

  • All remaining swimlanes (LAX SL3, LAX SL4, LHR SL3
  • All swimlanes previously migrated (portal that have already been migrated will be skipped)
 June 10 Patch 180 Days

Rollout Implications

For the initial rollout, a default lifespan is set for the default password. Please review the Rollout Schedule by Swimlane section to view the default lifespan for your swimlane.

The default password and lifespan settings are relevant to qualified default password users and may impact the login experience. Users may receive error messages during their login process for the following related scenarios:

  • The default password has expired before the user attempts to log in using the password. This scenario may occur if the user is matched with a default password that is older than the number of days defined in the lifespan of the default password preference.
  • The user account setup with the default password has been disabled due to 90 days of inactivity. This scenario may occur if the user has not logged in for more than 90 days after setting the default password.

The above scenarios are only relevant to default passwords; there are no changes to existing functionality for custom passwords and lifespans applied to custom passwords are not impacted.

Based on the customer feedback, the default lifespan setting applied to portals as part of the May 27th and June 10th patch rollouts is changed to 180 days. The intention is to limit the number of potentially impacted users and related administration workload. Due to security reasons, it is highly recommended to adjust the default password lifespan setting as soon as possible and apply the lowest possible number of days.

Resources